Skip to content

📘 Update guestbook updates branch#2241

Open
JFWooten4 wants to merge 164 commits intostellar:chore/guestbook-updatesfrom
JFWooten4:finish-guestbook-updates
Open

📘 Update guestbook updates branch#2241
JFWooten4 wants to merge 164 commits intostellar:chore/guestbook-updatesfrom
JFWooten4:finish-guestbook-updates

Conversation

@JFWooten4
Copy link
Contributor

@JFWooten4 JFWooten4 commented Feb 11, 2026

Trying to clear out some of the old PRs because they contain commits I need to continue 723.

Also I think this is kinda funny.

0xGeorgii and others added 30 commits October 23, 2025 11:53
@0xGeorgii
Update security-tools.mdx (stellar#1780)
8b2a96c 
Add Soroban Security Portal info to security-tools.mdx
@johncanneto @ElliotFriend
Update providers.mdx (stellar#1946)
39def88 
* Update providers.mdx

Updated Validation Clouds horizon history values - we have discussed them reducing history to a year, but they still support full history for now.

* fix typo

---------

Co-authored-by: Elliot <elliot@stellar.org>
@github-actions
chore: Download crowdin translations and run crowdin:fix (stellar#1947)
77d174d 
Co-authored-by: github-actions <github-actions@github.com>
@github-actions
chore: Download crowdin translations and run crowdin:fix (stellar#1950)
662188e 
Co-authored-by: github-actions <github-actions@github.com>
@urvisavla
Update galexie hw requirements (stellar#1952)
ca82005
@HunterSides
Fix typo in RPCLedgerBackend section (stellar#1953)
e6fde5e 
fix typo
@github-actions
chore: Download crowdin translations and run crowdin:fix (stellar#1957)
176f234 
Co-authored-by: github-actions <github-actions@github.com>
@quietbits
Fix formatting (stellar#1958)
071db1d
@github-actions
chore: Download crowdin translations and run crowdin:fix (stellar#1961)
7308105 
Co-authored-by: github-actions <github-actions@github.com>
@jeesunikim
Update Invoke Contract Page on Lab (stellar#1959)
e5982bf
@briwylde08
some typos (stellar#1962)
cb754e2
@github-actions
chore: Download crowdin translations and run crowdin:fix (stellar#1963)
b49799d 
Co-authored-by: github-actions <github-actions@github.com>
@urvisavla
Update Galexie repo links (stellar#1965)
81f9970
@jeesunikim
Add 'Restore footprint' section on Contract Explorer (stellar#1966)
3dd60d5
@quietbits
Lab: View XDR docs (stellar#1967)
6d6bce2 
* Lab: View XDR docs

* Tweaks

* Add banner
@AshFrancis
docs: update URL to new Scaffold Stellar site (stellar#1971)
8abffe4
@jeesunikim
[Lab] add a doc on upload and deploy contract (stellar#1970)
bc18b93
@quietbits
Lab: Saved docs (stellar#1969)
db5a971 
* Lab: Saved docs

* Move saved requests

* Updated routes

* Tweaks
@github-actions
chore: Download crowdin translations and run crowdin:fix (stellar#1973)
7ee5103 
Co-authored-by: github-actions <github-actions@github.com>
@somazo
make crowdin workflows more frequent (stellar#1975)
6d13598
@elizabethengelman
Add use 'upload' instead of 'install' in routes (stellar#1972)
ce8e866 
* Add use 'upload' instead of 'install' in routes

* Add redirects
@JFWooten4
🖌️ Minor publishing code syntax (stellar#1099)
755aa8e 
* ⌨️ Optimize `nginx` line spacing

* Fix misc go change

* 🐍 Python spacing, misc flow
I like adding some space to seperate out the caller base object with the local variable for ease of visual parsing

* 🤖 ran the prettier script

* 🐜 pass compilation checks (sync)
@github-actions
chore: Download crowdin translations and run crowdin:fix (stellar#1977)
58dfba1 
Co-authored-by: github-actions <github-actions@github.com>
@elizabethengelman
Add cookbook about meta on build (stellar#1978)
d44e04b 
* Add stub file for contract-build-meta.mdx

* Add contract-build-meta to routes
@carstenjacobsen @ElliotFriend
Adding Stellar Developer Meeting notes (stellar#1980)
2e603ac 
* Adding meeting notes for October and November

* Adding meeting notes for October and November

* Fixing formatting

* Fixing formatting

* Adding routes

* Updating routes

* Updating routes

* add new plog post pages to routes

---------

Co-authored-by: Elliot <elliot@stellar.org>
@janewang
Add llms.txt and close stellar#1964 (stellar#1981)
cb9e1e3
@janewang @briwylde08
Add latest OpenZeppelin products to docs (stellar#1982)
5328a3d 
* Add latest OpenZeppelin products to docs

* formatting

---------

Co-authored-by: Bri Wylde <92327786+briwylde08@users.noreply.github.com>
@github-actions
chore: Download crowdin translations and run crowdin:fix (stellar#1991)
71b1949 
Co-authored-by: github-actions <github-actions@github.com>
@cjonas9
docs: remove dated reference to local .stellar directory (stellar#1994)
085e274 
* remove dated reference to local .stellar directory

* fixed alias path to reflect global stellar config folder
@github-actions
chore: Download crowdin translations and run crowdin:fix (stellar#2002)
bc73a28 
Co-authored-by: github-actions <github-actions@github.com>
marwen-abid and others added 28 commits January 13, 2026 08:55
@marwen-abid
SDP-1966 Update GET /wallets API docs with query parameters (stella…
cbab383 
…r#2184)
@kaankacar @ElliotFriend
Add Building with AI documentation page (stellar#2175)
12dc5f8 
* Add Building with AI documentation page

* fix: format building-with-ai.mdx with prettier

* Update docs/tools/developer-tools/building-with-ai.mdx

Co-authored-by: Elliot Voris <elliot@stellar.org>

---------

Co-authored-by: Elliot Voris <elliot@stellar.org>
@dependabot
Bump tar from 7.5.2 to 7.5.3 (stellar#2185)
249d8e0 
Bumps [tar](https://github.com/isaacs/node-tar) from 7.5.2 to 7.5.3.
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v7.5.2...v7.5.3)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 7.5.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@janewang
Add openzeppelin role manager (stellar#2197)
f1f1eb9
@elizabethengelman
Add a tip pointing people to Scaffold Stellar docs (stellar#2195)
72e93c3
@carstenjacobsen @ElliotFriend
@janewang
Add OZ Relayer docs stellar#2071 (stellar#2176)
26d7eab 
* Adding OZ Relayer to docs

* Adding OZ Relayer to docs

* Fixing formatting

* Fixing formatting

* Fixing formatting

* Fixing formatting

* Fixing formatting

* Fixing formatting

* Fixing formatting

* Fixing formatting

* Fixing formatting

* Fixing intro text

* Adding link to OZ docs

* Use rpc.pollTransaction() for polling

* Update docs/tools/openzeppelin-relayer.mdx

Co-authored-by: Elliot Voris <elliot@stellar.org>

* Update docs/tools/openzeppelin-relayer.mdx

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update docs/tools/openzeppelin-relayer.mdx

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update docs/tools/openzeppelin-relayer.mdx

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update docs/tools/openzeppelin-relayer.mdx

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update docs/tools/openzeppelin-relayer.mdx

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update docs/tools/openzeppelin-relayer.mdx

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update routes.txt

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Change to single quote and remove used args variable definition

* Update to relative link

* Update docs/tools/openzeppelin-relayer.mdx

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update docs/tools/openzeppelin-relayer.mdx

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update docs/tools/openzeppelin-relayer.mdx

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Fixing formatting

* Fixing routes.txt

---------

Co-authored-by: Elliot Voris <elliot@stellar.org>
Co-authored-by: Jane Wang <jane.wang@stellar.org>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@janewang
Update OpenZeppelin page (stellar#2200)
30baf15 
* Update OpenZeppelin page

* Update docs/tools/openzeppelin-contracts.mdx

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@jeesunikim
Update Lab sections to include deploy contract, trustline, tutorials,…
bf86386 
… and etc (stellar#2201)
@jayz22
Add p25 release table (stellar#2202)
c391d86 
* Add p25 release table

* Update core version

* Update env version
@briwylde08
update setup language (stellar#2209)
c828e23
@dependabot
Bump tar from 7.5.3 to 7.5.6 (stellar#2194)
4cd7d08 
Bumps [tar](https://github.com/isaacs/node-tar) from 7.5.3 to 7.5.6.
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v7.5.3...v7.5.6)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 7.5.6
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@janewang
Improve clarity of CLI plugins docs (stellar#2171)
5aed57b 
* Improve clarity of CLI plugins docs

* Remove redundant sentence
Add video series section to Scaffold Stellar documentation (stellar#2204
b28dcf9 
)
@ElliotFriend
resolve linting error by migrating custom components to typescript (s…
abda731 
…tellar#2188)

* resolve linting error by migrating custom components to typescript

Fixes stellar#1646

* use exported function rather than const, for consistency
@dependabot
Bump diff from 5.2.0 to 5.2.2 (stellar#2190)
a173435 
Bumps [diff](https://github.com/kpdecker/jsdiff) from 5.2.0 to 5.2.2.
- [Changelog](https://github.com/kpdecker/jsdiff/blob/master/release-notes.md)
- [Commits](kpdecker/jsdiff@v5.2.0...v5.2.2)

---
updated-dependencies:
- dependency-name: diff
  dependency-version: 5.2.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@ElliotFriend
update ttl extension guide to follow auto-restoration logic (stellar#…
13fc2d7 
…2189)

* update ttl extension guide to follow auto-restoration logic

Fixes stellar#2075

* Update docs/build/guides/archival/test-ttl-extension.mdx

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update docs/build/guides/archival/test-ttl-extension.mdx

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@Shaptic
Add authMode to simulateTransaction (stellar#2215)
0242ac9
@jeesunikim
[Lab] Add Transaction Dashboard (stellar#2205)
fb2aee4
@marcelosalloum
How-To Guide: on how to sign contract invocations using C-accounts (s…
679bbaf 
…tellar#2206)

### What

How-to guide on how to sign contract invocations using G-accounts or C-accounts.

Although the guide covers both signing types (transaction signing, and auth-entry signing), it focuses more heavily on the auth-entry signing, which is new(er), more complicated and lacks documentation.

### Why

Having the opportunity to interact with multiple projects that enforce that flow (Launchtube, OpenZeppelin Relayer, WalletBackend, MeridianPay), I know very well how that's poorly documented and has many pitfalls.

This guide provides working code examples using `AssembledTransaction`, explains simulation and auth requirements, and includes visual diagrams to clarify the authorization flow.

### AI

The guide and snippets have been tested by multiple AI agents for functionality and clarity ✅

### Preview

Should be deployed to:
https://developers-pr2206.previews.kube001.services.stellar-ops.com/docs/build/guides/transactions/signing-soroban-invocations
@kaankacar
Rename "Rust on Stellar" section to "Developing Smart Contracts" (ste…
62125b9 
…llar#2219)

The phrase "Rust on Stellar" translates poorly in Google Translate for
certain languages (e.g., Hindi interprets "Rust on" as "war on").
Renamed to "Developing Smart Contracts" to avoid confusion.

Fixes stellar#2191
@briwylde08 @ElliotFriend
Add ZK page to docs (stellar#2216)
af319a5 
* Add ZK page to docs

* copilot review suggestions

* dropdown, content

* Update docs/build/apps/zk.mdx

Co-authored-by: Elliot Voris <elliot@stellar.org>

* Update docs/build/apps/zk.mdx

Co-authored-by: Elliot Voris <elliot@stellar.org>

* Update docs/build/apps/zk.mdx

Co-authored-by: Elliot Voris <elliot@stellar.org>

* Update docs/build/apps/zk.mdx

Co-authored-by: Elliot Voris <elliot@stellar.org>

* new host function descriptions

---------

Co-authored-by: Elliot Voris <elliot@stellar.org>
@briwylde08
Testnet reset 2026 dates (stellar#2223)
6f0fcc7 
* Testnet reset 2026 dates

* 2025->2026
@carstenjacobsen
Adding January meeting notes (stellar#2227)
58dfead 
* Adding January meeting notes

* Adding January meeting notes
@briwylde08
Add Soropg online IDE to developer tools (stellar#2225)
d4d1592 
* Initial plan

* Add Online IDE (Soropg) page to developer tools

* Soroban -> Stellar

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Bri Wylde <92327786+briwylde08@users.noreply.github.com>
@janewang
Add OZ relayer status (stellar#2226)
3f8bf81 
* Add OZ relayer status

* Update format
@marwen-abid
SDP-1637 embedded wallets docs (stellar#2187)
28e055f 
* SDP-1637 embedded wallets docs

* SDP-1637 embedded wallets docs

* SDP-1637 address PR comments

* Address PR reviews

* Fix formatting
@dependabot
Bump glob from 13.0.0 to 13.0.1 (stellar#2236)
89eee36 
Bumps [glob](https://github.com/isaacs/node-glob) from 13.0.0 to 13.0.1.
- [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md)
- [Commits](isaacs/node-glob@v13.0.0...v13.0.1)

---
updated-dependencies:
- dependency-name: glob
  dependency-version: 13.0.1
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@JFWooten4
Merge https://github.com/stellar/stellar-docs into finish-guestbook-u…
79b60c9 
…pdates
@socket-security
Copy link

socket-security bot commented Feb 11, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updated@​docusaurus/​tsconfig@​3.8.1 ⏵ 3.9.21001005695 -2100
Updated@​docusaurus/​faster@​3.8.1 ⏵ 3.9.299 +11006795100
Updated@​docusaurus/​module-type-aliases@​3.8.1 ⏵ 3.9.21001006998 +1100
Updated@​docusaurus/​preset-classic@​3.8.1 ⏵ 3.9.2991007098 +1100
Updated@​docusaurus/​types@​3.8.1 ⏵ 3.9.29910072 +198100
Updated@​docusaurus/​eslint-plugin@​3.8.1 ⏵ 3.9.299 +11007299 +2100
Updated@​docusaurus/​core@​3.8.1 ⏵ 3.9.298 +110075 +198100
Updateddocusaurus-theme-openapi-docs@​4.3.7 ⏵ 4.5.1971007596100
Updated@​docusaurus/​theme-mermaid@​3.8.1 ⏵ 3.9.210010076 +198100
Addedjs-yaml@​4.1.19810010081100
Updatedpatch-package@​8.0.0 ⏵ 8.0.197 +1100100 +182100
Updated@​eslint/​eslintrc@​3.3.1 ⏵ 3.3.39910010084100
Updatedreact@​19.0.0 ⏵ 19.2.31001008497100
Updated@​crowdin/​cli@​4.11.0 ⏵ 4.12.0100 +11008993 +3100
Updatedtypescript@​5.9.2 ⏵ 5.9.310010090 +110090
Updatedprettier@​3.6.2 ⏵ 3.7.490 -310097 +196100
Addedglob@​13.0.110010010091100
Updatedreact-dom@​19.0.0 ⏵ 19.2.3100 +110092 +198100
Updatedeslint@​9.36.0 ⏵ 9.39.294 +510010097100
Updated@​docusaurus/​remark-plugin-npm2yarn@​3.8.1 ⏵ 3.9.294 -11009899 +1100
Updatedsass@​1.93.1 ⏵ 1.97.110010010094 -2100
Updated@​eslint/​js@​9.36.0 ⏵ 9.39.2100100100 +1095100
Updateddocusaurus-plugin-openapi-docs@​4.3.7 ⏵ 4.5.198 +110010096100
Updated@​redocly/​cli@​1.34.5 ⏵ 2.14.198100100100100

View full report

@socket-security
Copy link

socket-security bot commented Feb 11, 2026

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
License policy violation: npm diff under BSD-3-Clause

Location: Package overview

From: ?npm/@stellar/open-rpc-docs-react@0.2.1npm/docusaurus-theme-openapi-docs@4.5.1npm/diff@5.2.2

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/diff@5.2.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
License policy violation: npm json-schema

Location: Package overview

From: ?npm/@docusaurus/preset-classic@3.9.2npm/json-schema@0.4.0

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/json-schema@0.4.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
License policy violation: npm marked under BSD-3-Clause AND MIT

Location: Package overview

From: ?npm/@docusaurus/theme-mermaid@3.9.2npm/@docusaurus/preset-classic@3.9.2npm/marked@16.4.2

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/marked@16.4.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
License policy violation: npm node-forge under GPL-2.0

License: GPL-2.0 - the applicable license policy does not allow this license (4) (package/LICENSE)

From: ?npm/@docusaurus/core@3.9.2npm/node-forge@1.3.3

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/node-forge@1.3.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
License policy violation: npm qs under BSD-3-Clause

Location: Package overview

From: ?npm/@stellar/open-rpc-docs-react@0.2.1npm/docusaurus-theme-openapi-docs@4.5.1npm/@docusaurus/core@3.9.2npm/qs@6.14.1

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/qs@6.14.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
License policy violation: npm sass

Location: Package overview

From: package.jsonnpm/sass@1.97.1

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/sass@1.97.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
License policy violation: npm shelljs under BSD-3-Clause

Location: Package overview

From: ?npm/@crowdin/cli@4.12.0npm/shelljs@0.10.0

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/shelljs@0.10.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
License policy violation: npm typescript under CC-BY-4.0

License: CC-BY-4.0 - the applicable license policy does not allow this license (4) (package/ThirdPartyNoticeText.txt)

License: LicenseRef-W3C-Community-Final-Specification-Agreement - the applicable license policy does not allow this license (4) (package/ThirdPartyNoticeText.txt)

License: MIT-Khronos-old - the applicable license policy does not allow this license (4) (package/ThirdPartyNoticeText.txt)

From: package.jsonnpm/typescript@5.9.3

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/typescript@5.9.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Medium
Deprecated by its maintainer: npm tar

Reason: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exhorbitant rates) by contacting i@izs.me

From: ?npm/@crowdin/cli@4.12.0npm/tar@7.5.6

ℹ Read more on: This package | This alert | What is a deprecated package?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Research the state of the package and determine if there are non-deprecated versions that can be used, or if it should be replaced with a new, supported solution.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/tar@7.5.6. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.